Code and values that have no effect can be detected by suitable static analysis.
Bibliography
[Fortify 2013] Code Quality: Dead Code
[Coverity 2007] Coverity Prevent User's Manual (3.3.0)
64. Strive for logical completeness
Software vulnerabilities can result when a programmer fails to consider all possible data
states.
Noncompliant Code Example (if Chain)
This noncompliant code example fails to test for conditions in which a is neither b nor c.
This may be the correct behavior in this case, but failure to account for all the values of a
can result in logic errors if a unexpectedly assumes a different value.
if (a == b) {
  /* ... */
}
else if (a == c) {
  /* ... */
}
Compliant Solution (if Chain)
This compliant solution explicitly checks for the unexpected condition and handles it appropriately:
if (a == b) {
  /* ... */
}
else if (a == c) {
  /* ... */
}
else {
  /* Handle the unexpected condition */
}
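The following is an added example, not code from the original text, showing how an incomplete if chain turns into a security flaw when a new data state appears. The State enum, its values, and the method names are hypothetical and constructed for illustration.

```java
public class LogicalCompleteness {
    // Hypothetical account states, constructed for this example.
    // SUSPENDED stands for a state added after the checks were written.
    enum State { ACTIVE, LOCKED, SUSPENDED }

    // Incomplete chain: any state other than ACTIVE or LOCKED falls through,
    // so the initial value of 'allowed' silently decides the outcome.
    static boolean mayLoginIncomplete(State s) {
        boolean allowed = true;
        if (s == State.ACTIVE) {
            allowed = true;
        } else if (s == State.LOCKED) {
            allowed = false;
        }
        return allowed; // SUSPENDED (or null) is allowed by accident
    }

    // Complete chain: the final else handles every unanticipated state
    // (including null) by failing closed instead of guessing.
    static boolean mayLoginComplete(State s) {
        if (s == State.ACTIVE) {
            return true;
        } else if (s == State.LOCKED) {
            return false;
        } else {
            throw new IllegalStateException("Unhandled account state: " + s);
        }
    }

    public static void main(String[] args) {
        for (State s : State.values()) {
            String complete;
            try {
                complete = String.valueOf(mayLoginComplete(s));
            } catch (IllegalStateException e) {
                complete = "rejected (" + e.getMessage() + ")";
            }
            System.out.println(s + ": incomplete=" + mayLoginIncomplete(s)
                    + ", complete=" + complete);
        }
    }
}
```

For SUSPENDED, the incomplete version returns true while the complete version rejects the request, which is the difference the final else makes.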